quiz 6 - Flashcards
Authentication and Account Management (lectures 8 and 11)
________________ (BCP) is a strategic document that provides alternative
modes of operation for business activities
three goals:
* Business recovery planning
* Crisis management and communications
* Disaster recovery
_________________(COOP) is a federal initiative to encourage organizations
to address how critical operations will continue under a broad range of negative
circumstances
_____________(BIA)
* A BIA identifies business functions and quantifies the impact a loss of these functions may
have on business operations
A BIA will help determine the _________________, which is the activity that serves
as the core purpose of the enterprise
- A BIA can also help in the ____________ that support the mission-essential function
- Identifying a ______________
business continuity plan
Continuity of operation planning
Business Impact Analysis
mission-essential function
identification of critical system
single point of failure
When users create passwords, a one-way hash algorithm creates a message ______ of the password
Attackers work to steal the file of ___ ___, which can be used to impersonate the user.
A ___ ___ can also be used to create known digests, known as ___
digest (or hash)
password digests
password cracker, candidates
A ____ ____ attack selects one or a few common passwords and then enters the same password when trying to log in to several user accounts
password spraying
In an ___________________, every possible combination of letters, numbers, and characters used to create encrypted passwords is matched against the stolen hash file
- In an _________________, the same account is continuously attacked (called pounded) by entering different passwords
- An _______________ uses the stolen hash file
* This is the slowest yet most thorough method
automated brute force attack
online brute force attack
offline brute force attacks
A _____ _____ conducts a statistical analysis on the stolen passwords that is used to create a mask to break the largest number of passwords
3 steps
rule attack
- A sample of a stolen plaintext password file is obtained
- Statistical analysis is performed to determine the length and characters of the passwords
- A series of masks is generated that will be most successful in cracking the highest percentage of passwords
In a ____ ____, the attacker creates digests of common dictionary words and compares against a stolen digest file
____ ___ is the search for any two digests that are the same
dictionary attack
Birthday attack
A ____ ____ attack is a dictionary attack that uses a set of dictionary words and compares it with the stolen digests
Pre-image
____ ___ create a large pregenerated data set of candidate digests
advantages over other attack methods
can be used ______
faster than _____ attacks
less ____ required
Rainbow tables
repeatedly
dictionary
memory
Using _________________ as candidate passwords is the foundation of cracking today
stolen password collections
__________ is a type of authentication where a user uses more than one type of authentication credential
mfa
A _____ ____ holds information to be used as part of the authentication process
disadvantages
- _____ and _____ required
- can be _____
smart card
hardware and software
cloned
smart cards
Stealing the information is often done by a process called _______
skimming
_____________: synced with an authentication server where the code is generated from an algorithm
▶ The code changes every 30 to 60 seconds
_________ is “event-driven” and changes when a specific event occurs
Time-based one-time password (TOTP)
HMAC-based one-time password (HOTP)
Is using a smartphone for authentication secure?
Why?
no
messages can be phished
malware
A ____ ____ is a dongle that is inserted into the USB port or Lightning port or held near the endpoint
A feature of security keys is _____, which is a key pair that is “burned” into the security key during manufacturing and is specific to a device model.
- has certificates that chain to a root cert
security key
attestation
______ _____ uses a person’s unique physical characteristics for authentication
Physiological biometrics
specialized biometric scanner
____ ___ uses the human retina as a biometric identifier
fingerprint scanners
A ____ fingerprint scanner takes a picture and compares it with the image on file
A ____ fingerprint scanner uses a small slit or opening
Retinal scanner
Static
Dynamic
other human characteristics that can be used for authentication
vein
gait/the way they walk
standard input devices
- ____ ___ uses a standard computer microphone to identify users based on the unique characteristics of a person’s voice
- An ____ ___ uses a standard webcam to identify the unique characteristics of the iris
- ____ ____ uses landmarks called nodal points on human faces for authentication
Voice recognition
iris scanner
Facial recognition
biometric disadvantages
______ of hardware
some amount of _____
The ____ ____ ___ (FAR) is the frequency at which impostors are accepted as genuine
* The ____ ___ ___ (FRR) is the frequency at which legitimate users are rejected
cost
error
false acceptance rate
false rejection rate
_____ biometrics relates to perception, thought process, and understanding of the user
It is considered easier for the user to remember because it is based on the user’s life experiences
Also called knowledge-based authentication
_____ passwords
Cognitive
picture passwords
_____ biometrics authenticates by normal actions the user performs
a type of this is keystroke dynamics
- uses two variables
– dwell time: time to press and release a key
– flight time: time between keystrokes
Behavioral
protecting password digests
____: consists of a random string that is used in hash algorithms
– adds a random string to a password before it is hashed
– makes dictionary and brute force attacks much slower
key ______: a specialized password hash algorithm that is intentionally designed to be slower
algorithms:
salts
stretching
bcrypt and PBKDF2
The most critical factor in a strong password is ____
length
A ____ ___ is a secure repository where users can store passwords (also known as a password manager)
3 types
____ ___ are a secure hardware-based solution to store passwords
A ______________________ is a removable external cryptographic device that includes an onboard random number generator and key storage facility
password vault
- generators
- online vaults
- password management applications
Password keys
hardware security module (HSM)
__________ uses one authentication credential to access multiple accounts or applications
Single sign-on (SSO)
_____ was originally designed for remote dial-in access to a corporate network.
A _____ client is typically a device such as a wireless AP that is responsible for sending user credentials and connection parameters to the ______ server
RADIUS
________ is an authentication system developed at MIT
* It uses encryption and authentication for security
* Works like using a driver’s license to cash a check
* Difficult to ____
* Contains information linking it to the user
* It lists ____
* ____ some future date
Kerberos
copy
restrictions
Expires
__________ is commonly used on UNIX devices; it communicates by forwarding user authentication information to a centralized server
TACACS
TACACS
meaning
current version
Terminal Access Controller Access Control System
TACACS+
A ___ ___ is a database stored on the network that contains information about users and network devices
- makes it easier to grant privileges or permissions to network users and provide authentication
________________________ is an XML standard that allows secure web domains to exchange user authentication and authorization data.
- allows a user’s login credentials to be stored with a single identity provider instead of being stored on each web service provider’s server
directory service
Security Assertion Markup Language (SAML)
___ is a framework for transporting authentication protocols instead of the authentication protocol itself
EAP
Critical devices can be fitted with a _____________ in case one power supply fails
- An _________________________ is a device that maintains power to equipment in the event of an interruption in primary electrical power source
dual power supply
uninterruptible power supply (UPS)
______ UPS
- cheaper
- charged by the main power supply
- switches from primary power to battery when needed
________ UPS
- can serve as a ____ ___
- runs off its battery while main power charges the battery
- not affected by dips in voltage
off-line
on-line
- surge protector
A ____ ___ can be powered by diesel, natural gas, or propane
backup generator
Recovery sites are backup sites that may be necessary if a flood, hurricane, or other major disaster damages a building
3 types
A _____ site is generally run by a commercial disaster recovery service and has the following characteristics:
* Duplicate of the production site
* Has all needed equipment
* Data backups can be moved quickly to the ____ site
A ___ site provides office space but the customer must provide and install all equipment needed to continue operations
* No backups immediately available
* Less expensive than a hot site
* Takes longer to resume full operation
A __-_ site has all the equipment installed but no active Internet or telecommunications facilities
* No current data backups
* Less expensive than a hot site
* Time to turn on connections and install backups can be half a day or more
hot
cold
warm
_________________ (RPO) is the maximum length of time an organization can tolerate between backups
- ______________ (RTO) is the length of time it will take to recover backed up data
Recovery point objective
Recovery time objective
CDP meaning
CDP performs continuous backups that can be restored immediately
- It maintains a historical record of all changes made to data
- CDP creates a ____ of the data (like a reference marker)
continuous data protection
snapshot
Which type of disk drive redundancy uses separate controller cards for each disk and duplicates the contents of one disk to a second disk?
a. Disk striping
b. Disk mirroring
c. Disk duplexing
d. Distributed parity
Answer: c. Disk duplexing
Disk duplexing is a variation of RAID 1 (disk mirroring) in which separate controller cards are used for each disk to protect against disk controller failure.
A ______ is a document that outlines specific requirements or rules that must be met and generally has the following characteristics:
- Communicates a consensus of judgment
- Defines appropriate behavior for users
- Identifies what tools and procedures are needed
- Provides directives for Human Resources action in response to inappropriate behavior
- May be helpful if it is necessary to prosecute violators
policy
Which standard allows secure web domains to exchange user authentication and authorization data?
a. LDAP
b. SAML
c. MS-CHAP
d. TACACS
Answer: b. SAML
Security Assertion Markup Language (SAML) is an XML standard that allows secure web domains to exchange user authentication and authorization data.
______________ (DRP) focuses on protecting and restoring information technology functions
Disaster Recovery Plan
Fault tolerance refers to a system’s ability to deal with malfunctions
- The solution to fault tolerance is to build in _____, which is the use of duplicated equipment to improve the availability of a system
A goal is to reduce a variable known as the _____________________, which is the average amount of time that it will take a device to recover from a failure that is not a terminal failure
redundancy
mean time to recovery (MTTR)
To protect an endpoint from malware infections, programs are available that can “freeze” a computer to prevent it from accepting any changes from malware
* This makes the computer _________
nonpersistent
______________ measures the average time until a component fails and must be replaced
Mean time between failures (MTBF)
_______________________ (RAID) uses multiple hard disk drives to increase reliability and performance
redundant array of independent devices
A ________________ (SAN) is a dedicated network storage facility that provides access to data storage over a high-speed network
storage area network
________ is a technique for creating more than one physical path between devices and a SAN
Multipath
_____________________ (SDN) controllers can increase network reliability and may lessen the need for redundant equipment
Virtual software-defined network
_______________ requires that if a fraudulent application of a process could potentially result in a breach of security, the process should be divided between two or more individuals
Separation of duties
___________ involves preventing one individual from having too much control
Job rotation
_______________
* An audit of the employee’s activities is usually scheduled while they are away
Mandatory vacation
A ______ ____ ____ is designed to ensure that all confidential or sensitive materials are removed from a user’s workspace and secured when the items are not in use
clean desk policy
_____ _____ means that only the minimum amount of privileges necessary to perform a job or function should be allocated
Employee _____ refers to the tasks associated with hiring a new employee
▶ Background check and employee nondisclosure agreements are typically part of this step
Employee ____ entails actions to be taken when an employee leaves an enterprise
▶ Backing up all employee files, archiving email, forwarding email to a manager, and disabling the employee’s accounts are among the steps that should be taken
least privilege
onboarding
offboarding
An ___ ____ ___ (AUP) is a policy that defines actions users may perform while accessing systems and networking equipment
acceptable use policy
____ ___
* Several policies relate to the management and functioning of the organization:
  - Change management
  - Change control
  - Asset management
Organizational Policies
____ ___
* Data classification policy is a written policy that addresses assigning labels to data based on their importance
* Data governance policy is a series of formal guidelines regarding the data itself
* Data retention policy specifies how long data should be retained after it has fulfilled its initial purpose
Data Policies
The manager of your company is concerned that the finances are at risk because Jane, the accountant, is the only person in the organization that has responsibility over the money that goes in and out of the business. What policy should he put in place to ease his concerns?
a. Least privilege principle
b. Separation of duties
c. Nondisclosure agreement
d. Acceptable use
Answer: b. Separation of duties
Separation of duties requires that if a fraudulent application of a process could potentially result in a breach of security, the process should be divided between two or more individuals